25 lines
948 B
Plaintext
25 lines
948 B
Plaintext
<VirtualHost gnusocial.example:80>
|
|
Redirect permanent / https://gnusocial.example/
|
|
</VirtualHost>
|
|
|
|
<VirtualHost gnusocial.example:443>
|
|
ServerName gnusocial.example
|
|
|
|
DocumentRoot /etc/share/gnusocial
|
|
DirectoryIndex index.php
|
|
<Directory /etc/share/gnusocial>
|
|
AllowOverride All
|
|
Order Deny,Allow
|
|
Allow from all
|
|
</Directory>
|
|
|
|
SSLCertificateFile /etc/letsencrypt/live/$ServerName/fullchain.pem
|
|
SSLCertificateKeyFile /etc/letsencrypt/live/$ServerName/privkey.pem
|
|
SSLProtocol All -SSLv2 -SSLv3
|
|
SSLHonorCipherOrder On
|
|
SSLCompression off
|
|
SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'
|
|
|
|
Header always set Strict-Transport-Security "max-age=15768000"
|
|
</VirtualHost>
|